The remote host is missing an update to dhcp3announced via advisory USN-803-1.

Details follow:

It was discovered that the DHCP client as included in dhcp3 did not verifythe length of certain option fields when processing a response from an IPv4dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to amalicious dhcp server, a remote attacker could cause a denial of service orexecute arbitrary code as the user invoking the program, typically the'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attackershould only be able to cause a denial of service in the DHCP client. InUbuntu 9.04, attackers would also be isolated by the AppArmor dhclient3profile.

Solution:The problem can be corrected by upgrading your system to thefollowing package versions: